offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming

Go to offsec.tools

Tools featured this week

Script to steal passwords from ssh.

A tool to find subdomains and interesting things hidden inside.

OSINT automation for hackers.

A powerful shell script to maximize the recon and data collection process.

A WPA3 dictionary cracker.

Divide full port scan results and use it for targeted Nmap runs.

Credentials recovery project.

Android remote administration tool.

Scan for open S3 buckets and dump the contents.

NodeJS deserialization payload generator.

	hetty
	An HTTP toolkit for security research.

	ImHex
	Hex editor for reverse engineers, programmers and people who value their retinas when working at 3am.

	holehe
	Check if the mail is used on different sites and retrieve informations on sites.

	tfsec
	Security scanner for your Terraform code.

	sandsifter
	The x86 processor fuzzer.

	django-DefectDojo
	DevSecOps, ASPM, Vulnerability Management.

	zmap
	Fast single packet network scanner designed for Internet-wide network surveys.

	zgrab
	Fast Go application scanner.

	zdns
	Fast CLI DNS lookup tool.

	webhook.site
	Easily test HTTP webhooks with this handy tool that displays requests instantly.

	pipedream
	Collect HTTP or webhook requests and inspect them in a human-friendly way.

	trape
	People tracker on the Internet: OSINT analysis and research tool.

	The HTTP Garden
	Differential testing and fuzzing of HTTP servers and proxies.

Go to offsec.tools